Intel Class Action Lawsuit Claims CPUs Were Insufficiently Secure

Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.

A class action lawsuit accuses Intel of sacrificing security for speed, putting users’ data at risk to hacking.

Plaintiff Joshua Nathan claims that on Aug. 25, 2017, he purchased a Lenovo Yoga 910 laptop that contained an Intel Core i7 processor.

He says that his laptop, along with other consumers’ laptops containing the Intel Core i7, and other Intel processors, were vulnerable to hacking due to insufficient security in the processor’s design.

Nathan goes on to claim that had he known about the processor’s significant security issues, he, like many other consumers, would not have chosen to purchase that laptop.

The Intel security class action lawsuit alleges that Intel’s success in selling processors came largely because they were able to produce processors that were faster than most others. However, the Intel processor class action lawsuit goes on to allege that in its haste to produce and market the faster processors (or CPUs — central processing units), the company compromised security.

Nathan claims that “in order to make faster CPUs, Intel took shortcuts. Unfortunately, these shortcuts created a vulnerability or flaw that gives hackers and other cybercriminals the ability to access sensitive, private, and purportedly secure information.”

Allegedly, these flaws impact all processors produced by Intel since at least 2004. Two flaws exposed in the processors have become known as “Meltdown” and “Spectre” in the computer industry, to describe the scope and severity of the security compromises. These compromises reportedly exposed the sensitive information of millions of users, leaving them vulnerable to identify theft.

Nathan says Intel was negligent in selling processors with such significant security problems, and then neglected to notify consumers of the problem in a timely manner, or take sufficient action to remedy the problem in a timely manner. Allegedly, Google discovered the processor’s flaws in June 2017, and notified Intel.

However, consumers did not become aware of the flaws until January 3. Even then, Intel did not take action to notify its customers — an independent media account allegedly reported that the processors had a flaw that allowed external software (by hackers and other cybercriminals) to read the processor’s kernel memory, the type of memory that controls a computer’s vital function.

Nathan claims that Intel took not action to notify consumers of the security problems between July and January, and their public filings with the U.S. Securities and Exchange Commission did not show that Intel’s processors were experiencing security issues.

Allegedly, Intel, like other companies in a race to produce fast processors at the expense of security, developed software “patches” to compensate for and supposedly fix the vulnerability.

However, Nathan states that the patch, as well as initial security vulnerabilities, caused him financial injury. He claims that he feels like he does not have a good option to remedy the financial injury caused by the issue — either he can live with the security risks of having a processor with no patch, or attempt to increase his processor’s security with the patch, but in so doing, sacrifice significant processing speed, thereby decreasing the value of his computer.

Nathan is represented by Jeffrey A. Leon of Quantum Legal LLC.

The Intel Processor Security Problem Class Action Lawsuit is Joshua Nathan v. Intel Corporation, Case No. 1:18-cv-02754, in the U.S. District Court for the Northern District of Illinois, Eastern Division.